Interpreting the FBI’s “2025 Internet Crime Report”: AI Scams Become the Biggest Variable, and People Over 60 Become the Primary Target of Crypto Scams | #cybercrime | #infosec

Author: SlowMist Technology

On April 7, 2026, the Federal Bureau of Investigation (FBI) released its “2025 Internet Crime Report.” This report, coinciding with the 25th anniversary of the FBI’s Cybercrime Reporting Center (IC3), analyzes over 1 million complaints collected in 2025, providing in-depth analysis of the historic losses exceeding $20.8 billion, victim profiles, investment fraud, and other core crime types. It also highlights the evolving role of artificial intelligence (AI) in online fraud and breakthroughs made by law enforcement in asset recovery.

This article will interpret the core content of the report, helping readers quickly grasp the dynamic changes in global cybersecurity threats in 2025 and improve their awareness and prevention capabilities against complex cyber fraud and AI-driven threats.

Key Point 1: IC3 Complaint Data in 2025

1. Overall Situation

In 2025, IC3 received 1,008,597 complaints, involving total losses of $20.877 billion, a 26% increase from 2024, with an average loss of approximately $20,699 per incident. Of these, 85% of the losses were caused by online fraud.

2. Information regarding cryptocurrencies

There were a total of 181,565 cryptocurrency-related complaints, resulting in losses of $11.366 billion, a 22% increase compared to 2024. Of these, 18,589 investors lost more than $100,000. The largest group of complainants was those aged 60 and over.

Key Point Two: Analysis of the Victim Group

1. Overall Age Distribution

• For those aged 60 and over: 201,266 complaints, with losses amounting to approximately $7.75 billion.

• 50-59 years old: 124,820 complaints, with losses of approximately $3.68 billion.

• 40-49 years old: 167,066 complaints, with losses of approximately $2.96 billion.

• 30-39 years old: 153,293 complaints, with losses of approximately $1.74 billion.

• 20-29 years old: 112,069 complaints, with losses of approximately $560 million.

• Under 20 years old: 31,254 complaints, with losses of approximately $67.1 million.

2. Victims of Cryptocurrency Transactions

In cryptocurrency investment scams, the 60-year-old and older demographic received the most complaints (13,685 cases) and suffered losses totaling $2.76 billion, far exceeding other age groups. This group was also the most severely affected by cryptocurrency ATM/Kiosk scams, with 6,188 related complaints and losses of approximately $257 million. Due to a lack of understanding of emerging financial technologies and payment methods (such as cryptocurrency ATMs and QR code transfers), coupled with relatively weak fraud prevention awareness, people over 60 have become a primary target for scammers.

It is worth noting that many victims, after being scammed the first time, fall victim to a second scam by trusting so-called “funds recovery services”—this age group once again tops the list of “recovery scams” with 2,529 complaints and losses exceeding $540 million.

3. Main types of scams encountered by people aged 60 and above

• The most frequently complained-about types of fraud are: phishing/identity impersonation, technical support/customer service fraud, investment fraud, personal data breach, and emotional/trust fraud.

• The types of scams that cause the most losses are: investment scams, technical support/customer service scams, emotional/trust scams, business email scams (BEC), and scams impersonating government officials.

Key Point 3: Crime Type Analysis

1. In terms of the number of complaints

• Investment fraud: 72,984 cases.

• Personal data breaches: 67,456.

2. In terms of the amount of loss

3. Cryptocurrency-related crimes

Key Point Four: Online Fraud and Law Enforcement Achievements

1. The overall situation of online fraud

In 2025, IC3 received 452,868 complaints of online fraud, resulting in losses of $17.697 billion, accounting for 85% of its total losses for the year.

The transaction types with the most complaints include cryptocurrencies, wire transfers/ACH transfers, debit/credit card transfers, peer-to-peer transfers, gift cards/prepaid cards, checks/bank drafts, and cash.

2. Typical Fraud Methods

• Impersonating government officials to commit fraud: approximately 32,000 complaints, resulting in losses of $798 million.

3. Cyber ​​threats

The types of cyber threats reported to IC3 in 2025 include:

• Data breaches: accounting for 39%, making it the most common type.

• Ransomware: accounting for 36%, ranking second.

• SIM card replacement: 10%.

• Malware: 9%.

• Botnets: 7%.

Of these, 3,600 ransomware complaints resulted in losses exceeding $32 million. Major ransomware variants included Akira, Qilin, INC./Lynx/Sinobi, BianLian, Play, Ransomhub, Lockbit, Dragonforce, SAFEPA, and Medusa.

In response to the frequent ransomware attacks, the FBI recommends that businesses and organizations take the following key protective measures:

• Create off-site or offline backups and maintain backup and recovery mechanisms regularly;

• Clear default passwords and credentials during software installation;

• Unnecessary protocols are disabled and removed by default.

• Enable multi-factor authentication (MFA) for all services whenever possible;

• Protect the initial entry point for intrusion;

• Implement network segmentation to prevent ransomware spread;

• Update all operating systems, software, and firmware promptly.

4. Asset Recovery Results

• In 2025, the FBI RAT intercepted 3,900 cases through FFKC, freezing $679 million in funds, with a fund interception success rate of 58%.

• Operation Level Up has issued warnings to more than 8,000 victims and saved them more than $500 million in potential losses.

• Working with Indian law enforcement to combat call center fraud, they achieved more than 475 arrests through 27 joint operations.

• In financial fraud cases, multiple large sums of money were successfully frozen and recovered.

Key Point Five: The Application of Artificial Intelligence (AI) in Cybercrime

1. Overall Situation

In 2025, IC3 received more than 22,000 complaints related to AI. The total losses caused by these complaints exceeded $893 million.

2. In terms of the number of complaints

• Personal data breaches: 1,204.

• Phishing/impersonation scams: 803 cases.

3. In terms of the amount of loss

4. Specific Applications of AI in Typical Fraud Scenarios

According to the report, AI has been widely used in the following typical fraud scenarios:

• Business email fraud (BEC): Using AI to generate emails impersonating executives or issuing transfer instructions via voice cloning, related losses exceeded $30 million in 2025.

• Emotional/trust scams: AI generates fake identities and dialogue scripts, and even uses voice cloning to simulate relatives asking for help, resulting in losses exceeding $19 million;

• Recruitment fraud: Using voice spoofing or deepfake techniques during remote interviews to gain access to internal corporate networks, resulting in losses of nearly $13 million;

• Investment fraud: Using AI to generate personalized communication content in bulk and forging videos and voice recordings of celebrity or authority endorsements, resulting in losses exceeding $632 million.

Overall, AI is lowering the barriers to fraud and significantly enhancing the scale and disguise capabilities of scams.

Summarize

The FBI’s 2025 Internet Crime Report further reveals the profound evolution of the current cybercrime ecosystem: On the one hand, the scale of fraud continues to climb, with cryptocurrency remaining a significant vehicle for fund transfers and money laundering; on the other hand, criminal methods are rapidly shifting from traditional “opportunistic fraud” to “precision and industrialized operations,” particularly with its high-intensity penetration among the elderly and the proliferation of secondary scams such as “recovery scams,” reflecting attackers’ deep exploitation of victims’ psychology and behavioral patterns. Simultaneously, the introduction of artificial intelligence technology is significantly lowering the barriers to fraud and amplifying attack efficiency, gradually transforming cyber fraud into a complex threat system characterized by automation and scale.

Despite the progress made by law enforcement agencies in intercepting funds and cross-border cooperation, the overall scale of losses and growth trends indicate that the risk situation remains severe. For ordinary users, establishing basic risk identification capabilities and anti-fraud awareness has become a “must-learn” course in the digital age. For industry participants and regulatory agencies, improving their comprehensive ability to identify fund flows, behavioral patterns, and abnormal signals at the technological level, and strengthening cross-regional collaborative governance, will be key to addressing new forms of cybercrime in the future.